| View previous topic :: View next topic |
| Author |
Message |
Pot.Smoking.Terrorist
Expert Cheater
 Reputation: 0
Joined: 15 Jun 2008
Posts: 175
Location: Germany
|
 Posted: Fri Sep 19, 2008 11:38 am Post subject: BioShock 1.1 (Censored) and CheatEngine |
 |
|
Hi,
I tried the hole day to make a Trainer (Ammo, Money, ADAM and so on ^^ ) for BioShock (1.1 Censored). But everytime I use "find out what adress writes to" BioShock gona Crash... I have the Original, German Version (with no Crack!).
I have Windows Vista Home Premium x86 and I've already tried to "Run as Administrator" (CheatEninge AND BioShock) but It doesn't helped me... 
All trainers I can find on the WWW are for the Worldwide (Uncensored) Edition of BioShock...
I hope anybody can help me 
P.S.: Sorry for my bad english... |
|
| Back to top |
|
 |
Dark Byte
Site Admin
 Reputation: 471
Joined: 09 May 2003
Posts: 25833
Location: The netherlands
|
| Posted: Fri Sep 19, 2008 2:40 pm Post subject: |
|
|
hmm, it could be vista.
anyhow, go to settings->extra and enable kernelmode debugging.
let the systemcallretriever run
When done, restart ce, and open bioshock with ce (click ok, not attach)
then use either "Find out what accesses" or "Find out what writes" and make sure it does not ask you to attach the debugger
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping
Last edited by Dark Byte on Fri Sep 19, 2008 4:34 pm; edited 1 time in total |
|
| Back to top |
|
|
Pot.Smoking.Terrorist
Expert Cheater
Reputation: 0
Joined: 15 Jun 2008
Posts: 175
Location: Germany
|
| Posted: Fri Sep 19, 2008 3:24 pm Post subject: |
|
|
THX! It does work! I'm so happy right now! I tried it the hole day and now I can "go on" ^^
Oh, another question: What can I do If a Game uses 1 adress for my Health AND the Health of my Enemys?! (for example: SpaceSiege-> If I froze the "Health Adress" my Enemys [and Objects] are unvulnable)
Thanks again and thanks in advice  |
|
| Back to top |
|
|
deleted19776
I post too much
![]() Reputation: 11
Joined: 29 Apr 2007
Posts: 3838
|
| Posted: Fri Sep 19, 2008 3:51 pm Post subject: |
|
|
| Dark Byte wrote: | hmm, it could be vista.
anyhow, go to settings->extra and enable kernelmode debugging.
let the systemcallretriever run
When done, restart ce, and open bioshock with ce (click ok, not attach)
then use either "Find out what accesses" or "Find out what reads" and make sure it does not ask you to attach the debugger |
Doesn't anything with the kernel BSOD vista? |
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 471
Joined: 09 May 2003
Posts: 25833
Location: The netherlands
|
| Posted: Fri Sep 19, 2008 4:35 pm Post subject: |
|
|
not in ce 5.4 (on a clean system or after running the systemcall retriever)
And in vista 64 you can't even enable those functions
I wouldn't try stealthmode though. Never tested
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
Dark Byte
Site Admin
Reputation: 471
Joined: 09 May 2003
Posts: 25833
Location: The netherlands
|
| Posted: Fri Sep 19, 2008 4:41 pm Post subject: |
|
|
| SLDZ wrote: | Oh, another question: What can I do If a Game uses 1 adress for my Health AND the Health of my Enemys?! (for example: SpaceSiege-> If I froze the "Health Adress" my Enemys [and Objects] are unvulnable)
|
Try a pointer, or use code injection.
Usually it's already enough to check if the first 2 bytes of a struct matches that what is used usually for the player.
e.g find health, then find what accesses. Check the instructions.
e.g mov [eax+14],ebx
then go to the health address-14 and note down the 2 first bytes (it is actually a 4 byte, but for modules that can change offset the first 2 is good enough)
then do a code injection to see if the 2 bytes match or not.
e.g:
| Code: |
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(originalcode)
label(exit)
Game.dll+123456:
jmp newmem
returnhere:
newmem:
cmp word ptr [eax],70e4 //check if player (e.g first 4 bytes are e4 70 10 30 )
je exit //it's the player, skip the decrease of health
originalcode:
sub [eax+14],eax
exit:
jmp returnhere
|
else if this method doesn't work then try to find a code that accesses your health only (e.g the code used to display your health on the screen)
there set your health to max, or write to a registered symbol address that you can use in your table to make it a level 1 pointer
my own bioshock aa script for inf health: (uses the same method)
http://forum.cheatengine.org/viewtopic.php?t=125711
the address will be different but you might probably end up with the same code
_________________
Do not ask me about online cheats. I don't know any and wont help finding them.
Like my help? Join me on Patreon so i can keep helping |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
